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Claims 

This listing of claims will replace all prior versions, and listings, of claims in the 

application: 

1 . (Currently Amended) A system for authenticating a customer transaction on a 
electronic network, the system comprising: 

an access device for customer access to the electronic network; 

an integrated circuit chip card that is issued to the customer and contains 
customer-identifying data; 

a reader that is linkable to the access device and can communicat e with th e chip ; 

and 

an authentication request server (ARS) that in conjunction with an Access Control 
Server (ACS) is linked to the electronic network and can communicate with a party requesting 
authentication of the transaction, 

wherein the ACS is configured to communicate directly with the customer's 
access device for authentication of the transaction bypassing a need for authentication software 
downloads from the requesting party to the customer's access device; 

wherein the ARS is configured to receive transaction information from the 
requesting party and to communicate transaction data to the reader via the customer's access 
device, 



NY02:714633.1 



-2- 



Atty. Docket No.(070457.2080) 
PATENT 



wherein the reader is configured to receive the transaction data and to 
communicate a value based on the transaction data to the ehip card, 

wherein the ship card is configured to generate a cryptogram based on at least a 
portion of the transaction data and at least a portion of the customer-identifying data on the ehip 
card , 

wherein the reader is further configured to communicate an authentication token 
based on the cryptogram to the ARS, and 

wherein the ARS is further configured to evaluate customer-identifying data from 
the authentication token and to validate the authentication token for authentication of the 
customer transaction. 

2. (Original) The system of claim 1 wherein the transaction data communicated to 
the reader comprises a challenge based on the transaction information. 

3. (Original) The system of claim 1 wherein the authentication token has a format 
that is compatible with 3-D Secure protocol message formats. 

4. (Currently Amended) The system of claim 1 wherein tho authentication token 
upon succ e ssful evaluation by th e ARS results in g e neration by the ACS is further configured to 
generate ef an Accountholder Authentication Value (AAV) upon successful evaluation of the 
authentication token bv the ARS. wherein the AAV that is transported on the electronic network 
in an Universal Cardholder Authentication Field which has a 20 byte length. 

5 . (Currently Amended) The system of claim 1 wherein the ehip card and the reader 
are co-disposed in a single physical package. 
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6. (Currently Amended) The system of claim 1 wherein the access device, the chip 
card and the reader are co-disposed in a single physical package. 

7. (Currently Amended) The system of claim 1 wherein the ARS is configured to 
evaluate customer-identifying data from the authentication token by first rebuilding the data used 
by the chip card to generate the cryptogram, next generating a replica cryptogram from rebuilt 
data, and then matching the authentication token with the replica cryptogram. 

8 . (Original) The system of claim 1 , further comprising a cardholder database that 
can be accessed by ARS to retrieve stored customer information. 

9. (Previously Presented) The system of claim 1 in which the ARS is further 
configured to communicate an authentication result to the requesting party. 

10. (Currently Amended) The system of claim 1 wherein the ARS is further 
configured to match an application transaction counter received from the ©hip card against 
previous values of the application transaction counter received from the chip card and to 
accordingly authenticate the transaction. 

1 1 . (Withdrawn) A system for authenticating a customer transaction in a 3-D Secure 
compliant electronic network environment, the system comprising: 

an Authentication Request Server (ARS) operated by an issuer in conjunction 
with an Access Control Server (ACS); 

a Cardholder Authentication Page providing an interface between the ARS and 

the customer; 

an EMV - compliant chip card issued to the customer by the issuer, the chip card 
having customer identification data; and 
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a reader for communicating with the chip, wherein the reader is linkable to the 
Cardholder Authentication Page, 

wherein the chip card and the reader are configured to generate an authentication 
token based on a cryptogram of at least a portion of the customer identification data and at least a 
portion of transaction specific data received by the reader via the Cardholder Authentication 
Page, 

wherein the ARS is configured to evaluate the authentication token for validation, 

and 

wherein the validation of an authentication token results in the generation of an 
Accountholder Authentication Value (AAV) which is transported on the electronic network in an 
Universal Cardholder Authentication Field (UCAF) that has a 20-byte length. 

1 2. (Withdrawn) The system of claim 1 1 wherein the chip and the reader are co- 
disposed in a single physical package. 

1 3 . (Withdrawn) The system of claim 1 1 wherein the Cardholder Authentication 
Page, the chip, and the reader are co-disposed in a single physical package. 

14. (Withdrawn) The system of claim 1 1 wherein the chip card generates the 
cryptogram in response to EMV standard commands issued by the reader. 

1 5 . (Withdrawn) The system of claim 1 1 wherein the chip card comprises a bitmap 
mask selected by the issuer to identify specific bits of the cryptogram that are included by the 
reader in the authentication token. 
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16. (Withdrawn) The system of claim 1 1 wherein the chip card is programmed to 
generate the authentication token after verification of a personal identification code entry by the 
customer. 

17. (Withdrawn) The system of claim 1 1 wherein the chip card is programmed to 
generate the authentication token after the customer verifies a transaction amount. 

18. (Withdrawn) The system of claim 1 1 wherein the ACS is configured to display 
the Card Authorization Page as a pop-up or in-line web page for communication data and 
instructions to the cardholder. 

19. (Withdrawn) The system of claim 1 1 wherein the issuer verifies the validity of the 

authentication token by using the ARS. 

20. (Withdrawn) The system of claim 1 1 wherein the ARS is configured to extract the 
data known only to the chip from the authentication token, regenerate the cryptogram, and 
compare the regenerated cryptogram with the authentication token. 

2 1 . (Withdrawn) The system of claim 1 1 further comprising mechanisms for 
submission of both authenticated transaction authorization requests and unauthenticated 
transaction authorization requests to the issuer. 

22. (Currently Amended) A method for remote authentication of a customer who 
participates in an electronic transaction using a network access device, the method comprising: 

providing the customer with an integrated circuit ehip card that has customer- 
identifying data; 

providing a reader that is linkable to the customer's network access device andean 
communicate with the chip ; 
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using an authentication request server (ARS), which is linked to the electronic 
network and can communicate data to the reader, to receive transaction specific information and 
to communicate transaction specific data to the reader; 

using the reader to communicate the transaction specific data to the ehip card and 
to instruct the ehip card to generate a cryptogram based on at least a portion of the transaction 
specific data and at least a portion of the customer-identifying data; 

using the reader to generate an authentication token based on at least part of the 
cryptogram generated by the ehip card , 

using the ARS to validate the authentication token; 

generating an Accountholder Authentication Value (AAV) upon validation of the 
authentication token and transporting the AAV over the electronic network in an Universal 
Cardholder Authentication Field (UCAF) message to the issuer. 

23 . (Previously Presented) The method of claim 22, wherein the transaction specific 
data communicated to the reader comprises a challenge based on the transaction specific 
information. 

24. (Original) The method of claim 22 wherein using the reader to generate an 
authentication token comprises generating an authentication token in a format that is compatible 
with 3-D Secure protocol message formats. 

25 . (Original) The method of claim 22 wherein the AAV is transported on the 
electronic network in an UCAF which has a 20 byte length. 
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26 . (Currently Amended) The method of claim 22 wherein providing the customer 
with an integrated circuit chip card and providing a reader comprise providing a eMp card and a 
reader that are co-disposed in a single physical package. 

27. (Currently Amended) The method of claim 22 wherein the validation at the ARS 
comprises evaluating customer-identifying data in the authentication token by first rebuilding the 
data used by the chip card to generate the cryptogram, next generating a replica cryptogram from 
the rebuilt data, and then matching the authentication token with the replica cryptogram. 

28 . (Original) The method of claim 27 further comprising accessing a cardholder 
database that is accessible by ARS to retrieve stored customer information. 

29. (Original) The method of claim 27 further comprising communicating a validation 

result to a requesting party. 

30. (Currently Amended) The method of claim 27 wherein the validation at the ARS 
further comprises matching an application transaction counter received from the ehip card 
against previous values of the application transaction counter received from the chip card and 
accordingly authenticating the transaction. 
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